The Buzz at Finovate: New Security Tech
When international criminals lifted $45 million from two Middle Eastern banks using stolen prepaid card data , Green Dot's chief executive Steve Streit says he wasn't surprised.May 14
The DDoS threat has eased, if only for a few days, and security officers have a new/old worry to focus on.May 13
Cyber heists. Account takeovers. Wire fraud.
Security has taken on increased importance this year in light of recent data breaches that have put millions of dollars on the line and the ongoing threat of distributed denial of service attacks. Reflecting this industry-wide sense of alarm, at this week's FinovateSpring there were several startups focused solely on providing authentication to bank customers.
"Information security has always been a space with a ton of vendors, both small and large," says Jacob Jegher, a Celent senior analyst. "[But] it's great to see increased emphasis on security at Finovate."
He says it's time for the banking industry to "up the ante with regards to authentication, identity management, and overall fraud prevention."
Indeed, the venture capital investment in IT security startups has more than doubled to roughly $16 million in the average funding round, according to tech blog GigaOM.
The quarterly showcase of financial technology vendors, which takes place at different locations around the world throughout the year, is a petri dish of innovation that reflects the industry's progress.
At this year's event, taking place Tuesday and Wednesday in San Francisco, there are four standout authentication vendors:
EyeVerify demonstrated a biometric authentication system that uses cell phone cameras to recognize the vein patterns in a person's eye -- replacing user names and passwords for mobile banking.
AuthenticID showed how it uses private data to stop fraudsters from providing bad information during bank account verification processes by making users present a photo ID that is checked against DMV records.
OneID announced new multi-factor authentication software that uses device identitification to authenticate users.
And Trusted Knight of Annapolis, Md. debuted malware blocking software.
Those were just the companies presenting at FinovateSpring that specialized in online bank protection. Many others had technology that addressed fraud concerns more broadly.
Mechanics Bank digital strategy head Bradley Leimer says security in general is the easiest thing to sell to banks right now.
"So here's the thing, FFIEC guidance has dictated multiple levels of security, so when I think of the obvious sell, it's going to be purely focused on authentication and security. That's the easiest path to purchase," says Leimer. "Security and authentication is like catnip to banks, we are not only forced to buy, we feel like we must."
And it's likely to remain that way, says Jim Marous, a senior vice president of corporate development at digital direct marketing agency New Control and author of the Bank Marketing Strategy blog.
"I think what we have here is the marketplace saying: 'I'm not going to get into mobile payments, and in some cases mobile banking, without a stronger comfort level with the security provided,'" he says.
"I think that right now everything is growing," he says of mobile banking in general. "[But] one of the hurdles to go into the mobile phone platform is security."
The larger question, however, is how the security these startups provide will actually work, says Jegher.
Will it be done behind the scenes? Will the customer experience be disturbed? Will consumers need to obtain new hardware and/or software?
"There are still a lot of unanswered questions," says Jegher. "I believe bank customers need to be more actively invested in the protection of their own assets and identities, in addition to what the bank does."